package cn.myfirefly.utils;

import java.lang.reflect.Field;
import java.math.BigDecimal;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.hibernate.Query;

import cn.myfirefly.core.annotation.ColumnType;
import cn.myfirefly.core.model.BaseDto;
import cn.myfirefly.core.model.BaseFilterDto;
import cn.myfirefly.core.model.DataAuth;

public class FilterUtil {
	
	/**
	 * 将条件查询的参数放入BaseFilterDto,以便组装sql语句使用(在调用Dao之前使用)
	 * @param t 实体类对象
	 * @param request 当前request对象
	 */
	@SuppressWarnings({ "rawtypes", "unchecked" })
	public static <T extends BaseFilterDto> void wrapFilterDto(T t, HttpServletRequest request){
		Class tClass = t.getClass();
		Field[] fields = tClass.getDeclaredFields();
		//获取request内参数列表
		Map<String,String[]> map = request.getParameterMap();
		for (int i = 0; i < fields.length; i++) {
			String fieldName = fields[i].getName();
			if(map.get(fieldName+".operator") != null && map.get(fieldName+".operator").length > 0){
				String[] vals=map.get(fieldName+".operator");
				//将"="、"!="、"like"操作的值放入BaseFilterDto
				if(t.getList() != null && t.getList().length >0){
					String[] _vals = t.getList();
					List<String> StringList = new ArrayList<String>();
					for (String val : _vals) {//拿到之前过滤条件的值
						StringList.add(val);
					}
					for (String val : vals) {//拿到本次过滤条件的值
						StringList.add(val);
					}
					t.setList(StringList.toArray(new String[StringList.size()]));
				}else{
					t.setList(vals);
				}
			}
			if(map.get(fieldName+".andor") != null && map.get(fieldName+".andor").length > 0){
				String[] andors = map.get(fieldName+".andor");
				if(t.getAndOrList() != null && t.getAndOrList().length > 0){
					String[] _andors = t.getAndOrList();
					List<String> StringList = new ArrayList<String>();
					for (String _andor : _andors) {//拿到之前andor的值
						StringList.add(_andor);
					}
					for (String andor : andors) {//拿到本次andor的值
						StringList.add(andor);
					}
					t.setAndOrList(StringList.toArray(new String[StringList.size()]));
				}else{
					t.setAndOrList(andors);
				}
			}
		}
		//判断是否有排序字段----orderField为排序字段名，orderDirection为排序值
		if(map.get("orderField") != null && map.get("orderField").length > 0){//只有单列的排序
			t.setOrderField(map.get("orderField")[0]);
			t.setOrderDirection(map.get("orderDirection")[0]);
		}
	}
	
	/**
	 * 组装查询语句(要求前台页面的表头属性要按照实体类的顺序来排序),要求:①原始sql语句是以" where 1=1 "结尾②现版本只限于单表查询
	 * @param t 实体类对象
	 * @param tableName 表名(如有别名传别名,没有别名传表名)
	 * @param countSql 查询总条数sql
	 * @param querySql 查询结果sql
	 * @param paramList 成员变量的值的list
	 */
	@SuppressWarnings({ "rawtypes", "unchecked", "unused" })
	public static <T extends BaseFilterDto> void handleFilterSql(T t, String tableName, StringBuffer countSql, StringBuffer querySql, List paramList){
		//用于取第(length-_n)个"="、"!="、"like",_n初始值为length,每用一个-1
		int _n = 0;
		if(t.getList()!=null&&t.getList().length>0){
			_n = t.getList().length;
		}
		//获取传入对象t的类型T
		Class tClass = t.getClass();
		//获取T的成员变量
		Field[] fields = tClass.getDeclaredFields();
		int k = 0;//取andor的下标
		for (int i = 0 ; i < fields.length ; i ++) {
			//判断是否是注解的成员变量(继承类内含有没有注解的成员变量)
			if(fields[i].isAnnotationPresent(ColumnType.class)){
				//获取成员变量的名字
				String fieldName = fields[i].getName();
				//将成员变量属性由private变为可以访问
				fields[i].setAccessible(true);
				try {
					//获取成员变量的值
					Object[] fieldValue = null;
					if(i == 0 && (fields[i].getType() == Long.class || fields[i].getType() == long.class)){
						
					}else{
						fieldValue = (Object[]) fields[i].get(t);
					}
					//判断成员变量是否有值
					if(fieldValue != null){
						countSql.append(" and ( ");
						querySql.append(" and ( ");
						if(fieldValue.length>1){
							for (int j = 0 ; j < fieldValue.length ; j ++) {
								Object value = fieldValue[j];
								if(StrUtil.notBlank(value)){
									boolean _concatOrNot = false;//是否组装"and 1=2"SQL语句在末尾
									if("Double".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											double _value = Double.valueOf(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}else if("BigDecimal".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											BigDecimal _value = new BigDecimal(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}else if("Integer".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											Integer _value = Integer.valueOf(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}
									//如果是多个查询条件,第一个查询条件不加"and"或者"or",以后有"and"或者"or"的查询
									if(j==0){
//											if(t.getAndOrList()!=null){
										//有andor
										if(_concatOrNot){//拼装" 1=2"SQL语句,标识输入任何错误类型的查询条件
											countSql.append(" 1 = 2 ");
											querySql.append(" 1 = 2 ");
										}else{
											countSql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
											querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
										}
//											}
									}else{
										if(t.getAndOrList()!=null){
											//有andor
											if(_concatOrNot){//拼装" 1=2"SQL语句,标识输入任何错误类型的查询条件
												countSql.append(t.getAndOrList()[k]+" 1 = 2 ");
												querySql.append(t.getAndOrList()[k]+" 1 = 2 ");
											}else{
												countSql.append(t.getAndOrList()[k] + " " + getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
												querySql.append(t.getAndOrList()[k] + " " + getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
											}
										}
										k++;
									}
									if("like".equals(t.getList()[t.getList().length-_n])){
										if(!_concatOrNot){
											paramList.add("%" + value + "%");
										}
									}else{
										if(!_concatOrNot){
											paramList.add(buildValue(fields[i], value));
										}
									}
									_n--;//每次条件查询都将_n减1,用于下一次取下一个值
								}else{
									if(j == 0){
										//如果前台传来两个空字符串数组
										countSql.append(" 1 = 1 ");
										querySql.append(" 1 = 1 ");
									}else{
										countSql.append(" and 1 = 1 ");
										querySql.append(" and 1 = 1 ");
									}
								}
							}
						}else{
							if("like".equals(t.getList()[t.getList().length-_n])){
								countSql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
								querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
								paramList.add("%" + fieldValue[0] + "%");
							}else{
								Object value = buildValue(fields[i], fieldValue[0]);
								if (value == null) {
									countSql.append(" 1 = 2 ");
									querySql.append(" 1 = 2 ");
								} else {
									countSql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
									querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
									paramList.add(value);
								}
							}
							if(_n>0){
								_n--;
							}
						}
						countSql.append(" ) ");
						querySql.append(" ) ");
					}
					//将成员变量属性变回private
					fields[i].setAccessible(false);
				} catch (IllegalArgumentException e) {
					e.printStackTrace();
				} catch (IllegalAccessException e) {
					e.printStackTrace();
				}
			}
		}
		//如果有排序,则拼装排序
		if(StrUtil.notBlank(t.getOrderField())){
			//程序中约定 时间格式化得字符串 时间成员变量    结尾都为Format
			String filed = t.getOrderField();
			if(filed.endsWith("Format")){
				filed = filed.substring(0, filed.lastIndexOf("Format"));
			}
			countSql.append(" order by " + filed + " " + t.getOrderDirection()) ;
			querySql.append(" order by " + filed + " " + t.getOrderDirection()) ;
		}
	}
	
	/**
	 * 组装查询语句(要求前台页面的表头属性要按照实体类的顺序来排序),要求:①原始sql语句是以" where 1=1 "结尾②现版本只限于单表查询
	 * @param t 实体类对象
	 * @param tableName 表名(如有别名传别名,没有别名传表名)
	 * @param countSql 查询总条数sql
	 * @param querySql 查询结果sql
	 * @param paramList 成员变量的值的list
	 */
	@SuppressWarnings({ "rawtypes", "unchecked", "unused" })
	public static <T extends BaseFilterDto> void handleFilterSql(T t, String tableName, StringBuffer querySql, List paramList){
		//用于取第(length-_n)个"="、"!="、"like",_n初始值为length,每用一个-1
		int _n = 0;
		if(t.getList()!=null&&t.getList().length>0){
			_n = t.getList().length;
		}
		//获取传入对象t的类型T
		Class tClass = t.getClass();
		//获取T的成员变量
		Field[] fields = tClass.getDeclaredFields();
		int k = 0;//取andor的下标
		for (int i = 0 ; i < fields.length ; i ++) {
			//判断是否是注解的成员变量(继承类内含有没有注解的成员变量)
			if(fields[i].isAnnotationPresent(ColumnType.class)){
				//获取成员变量的名字
				String fieldName = fields[i].getName();
				//将成员变量属性由private变为可以访问
				fields[i].setAccessible(true);
				try {
					//获取成员变量的值
					Object[] fieldValue = null;
					if(i == 0 && (fields[i].getType() == Long.class || fields[i].getType() == long.class)){
						
					}else{
						fieldValue = (Object[]) fields[i].get(t);
					}
					//判断成员变量是否有值
					if(fieldValue != null){
						querySql.append(" and ( ");
						if(fieldValue.length>1){
							for (int j = 0 ; j < fieldValue.length ; j ++) {
								Object value = fieldValue[j];
								if(StrUtil.notBlank(value)){
									boolean _concatOrNot = false;//是否组装"and 1=2"SQL语句在末尾
									if("Double".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											double _value = Double.valueOf(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}else if("BigDecimal".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											BigDecimal _value = new BigDecimal(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}else if("Integer".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											Integer _value = Integer.valueOf(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}
									//如果是多个查询条件,第一个查询条件不加"and"或者"or",以后有"and"或者"or"的查询
									if(j==0){
//											if(t.getAndOrList()!=null){
										//有andor
										if(_concatOrNot){//拼装" 1=2"SQL语句,标识输入任何错误类型的查询条件
											querySql.append(" 1 = 2 ");
										}else{
											querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
										}
//											}
									}else{
										if(t.getAndOrList()!=null){
											//有andor
											if(_concatOrNot){//拼装" 1=2"SQL语句,标识输入任何错误类型的查询条件
												querySql.append(t.getAndOrList()[k]+" 1 = 2 ");
											}else{
												querySql.append(t.getAndOrList()[k] + " " + getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
											}
										}
										k++;
									}
									if("like".equals(t.getList()[t.getList().length-_n])){
										if(!_concatOrNot){
											paramList.add("%" + value + "%");
										}
									}else{
										if(!_concatOrNot){
											paramList.add(buildValue(fields[i], value));
										}
									}
									_n--;//每次条件查询都将_n减1,用于下一次取下一个值
								}else{
									if(j == 0){
										//如果前台传来两个空字符串数组
										querySql.append(" 1 = 1 ");
									}else{
										querySql.append(" and 1 = 1 ");
									}
								}
							}
						}else{
							if("like".equals(t.getList()[t.getList().length-_n])){
								querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
								paramList.add("%" + fieldValue[0] + "%");
							}else{
								Object value = buildValue(fields[i], fieldValue[0]);
								if (value == null) {
									querySql.append(" 1 = 2 ");
								} else {
									querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " ? ");
									paramList.add(value);
								}
							}
							if(_n>0){
								_n--;
							}
						}
						querySql.append(" ) ");
					}
					//将成员变量属性变回private
					fields[i].setAccessible(false);
				} catch (IllegalArgumentException e) {
					e.printStackTrace();
				} catch (IllegalAccessException e) {
					e.printStackTrace();
				}
			}
		}
		//如果有排序,则拼装排序
		if(StrUtil.notBlank(t.getOrderField())){
			//程序中约定 时间格式化得字符串 时间成员变量    结尾都为Format
			String filed = t.getOrderField();
			if(filed.endsWith("Format")){
				filed = filed.substring(0, filed.lastIndexOf("Format"));
			}
			querySql.append(" order by " + filed + " " + t.getOrderDirection()) ;
		}
	}
	
	@SuppressWarnings({ "rawtypes", "unused" })
	public static <T extends BaseFilterDto> void handleFilterSql(T t, String tableName, StringBuffer querySql, Map<String, Object> param){
		//用于取第(length-_n)个"="、"!="、"like",_n初始值为length,每用一个-1
		int _n = 0;
		if(t.getList()!=null&&t.getList().length>0){
			_n = t.getList().length;
		}
		//获取传入对象t的类型T
		Class tClass = t.getClass();
		//获取T的成员变量
		Field[] fields = tClass.getDeclaredFields();
		int k = 0;//取andor的下标
		int paramIndex = 1;
		for (int i = 0 ; i < fields.length ; i ++) {
			//判断是否是注解的成员变量(继承类内含有没有注解的成员变量)
			if(fields[i].isAnnotationPresent(ColumnType.class)){
				//获取成员变量的名字
				String fieldName = fields[i].getName();
				//将成员变量属性由private变为可以访问
				fields[i].setAccessible(true);
				try {
					//获取成员变量的值
					Object[] fieldValue = null;
					if(i == 0 && (fields[i].getType() == Long.class || fields[i].getType() == long.class)){
						
					}else{
						fieldValue = (Object[]) fields[i].get(t);
					}
					//判断成员变量是否有值
					if(fieldValue != null){
						querySql.append(" and ( ");
						if(fieldValue.length>1){
							for (int j = 0 ; j < fieldValue.length ; j ++) {
								Object value = fieldValue[j];
								if(StrUtil.notBlank(value)){
									boolean _concatOrNot = false;//是否组装"and 1=2"SQL语句在末尾
									if("Double".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											double _value = Double.valueOf(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}else if("BigDecimal".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											BigDecimal _value = new BigDecimal(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}else if("Integer".equals(fields[i].getAnnotation(ColumnType.class).value())){
										try {
											Integer _value = Integer.valueOf(fieldValue[j].toString());
										} catch (Exception e) {
											_concatOrNot = true;
										}
									}
									//如果是多个查询条件,第一个查询条件不加"and"或者"or",以后有"and"或者"or"的查询
									if(j==0){
//											if(t.getAndOrList()!=null){
										//有andor
										if(_concatOrNot){//拼装" 1=2"SQL语句,标识输入任何错误类型的查询条件
											querySql.append(" 1 = 2 ");
										}else{
											//querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " #{" + paramIndex + "} ");
											querySql.append(getTableName(fields[i], tableName));
											querySql.append(".");
											querySql.append(fieldName);
											querySql.append(" ");
											querySql.append(t.getList()[t.getList().length-_n]);
											querySql.append(" ? ");
										}
//											}
									}else{
										if(t.getAndOrList()!=null){
											//有andor
											if(_concatOrNot){//拼装" 1=2"SQL语句,标识输入任何错误类型的查询条件
												querySql.append(t.getAndOrList()[k]);
												querySql.append(" 1 = 2 ");
											}else{
												//querySql.append(t.getAndOrList()[k] + " " + getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " #{" + paramIndex + "} ");
												querySql.append(t.getAndOrList()[k]);
												querySql.append(" ");
												querySql.append(getTableName(fields[i], tableName));
												querySql.append(".");
												querySql.append(fieldName);
												querySql.append(" ");
												querySql.append(t.getList()[t.getList().length-_n]);
												querySql.append(" ? ");
											}
										}
										k++;
									}
									if("like".equals(t.getList()[t.getList().length-_n])){
										if(!_concatOrNot){
											param.put(String.valueOf(paramIndex), "%" + value + "%");
											paramIndex++;
										}
									}else{
										if(!_concatOrNot){
											param.put(String.valueOf(paramIndex), buildValue(fields[i], value));
											paramIndex++;
										}
									}
									_n--;//每次条件查询都将_n减1,用于下一次取下一个值
								}else{
									if(j == 0){
										//如果前台传来两个空字符串数组
										querySql.append(" 1 = 1 ");
									}else{
										querySql.append(" and 1 = 1 ");
									}
								}
							}
						}else{
							if("like".equals(t.getList()[t.getList().length-_n])){
								//querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " #{" + paramIndex + "} ");
								querySql.append(getTableName(fields[i], tableName));
								querySql.append(".");
								querySql.append(fieldName);
								querySql.append(" ");
								querySql.append(t.getList()[t.getList().length-_n]);
								querySql.append(" ? ");
								param.put(String.valueOf(paramIndex), "%" + fieldValue[0] + "%");
								paramIndex++;
							}else{
								Object value = buildValue(fields[i], fieldValue[0]);
								if (value == null) {
									querySql.append(" 1 = 2 ");
								} else {
									//querySql.append(getTableName(fields[i], tableName) + "." + fieldName + " " + t.getList()[t.getList().length-_n] + " #{" + paramIndex + "} ");
									querySql.append(getTableName(fields[i], tableName));
									querySql.append(".");
									querySql.append(fieldName);
									querySql.append(" ");
									querySql.append(t.getList()[t.getList().length-_n]);
									querySql.append(" ? ");
									param.put(String.valueOf(paramIndex), value);
									paramIndex++;
								}
							}
							if(_n>0){
								_n--;
							}
						}
						querySql.append(" ) ");
					}
					//将成员变量属性变回private
					fields[i].setAccessible(false);
				} catch (IllegalArgumentException e) {
					e.printStackTrace();
				} catch (IllegalAccessException e) {
					e.printStackTrace();
				}
			}
		}
		//如果有排序,则拼装排序
		if(StrUtil.notBlank(t.getOrderField())){
			//程序中约定 时间格式化得字符串 时间成员变量    结尾都为Format
			String filed = t.getOrderField();
			if(filed.endsWith("Format")){
				filed = filed.substring(0, filed.lastIndexOf("Format"));
			}
			querySql.append(" order by " + filed + " " + t.getOrderDirection()) ;
		}
	}
	
	@SuppressWarnings({ "rawtypes", "unchecked" })
	public static void handleDataAuthSql(BaseDto dto, StringBuffer querySql, List paramList) {
		DataAuth dataAuth = dto.getDataAuth();
		if (dataAuth != null) {
			StringBuffer where = new StringBuffer();
			if (StrUtil.equals(dataAuth.getTypeValue(), "person")) {
				// 如果数据权限类型是人员，则直接使用当前登录用户的ID或者用户名
				where.append(" where _tt.");
				where.append(dataAuth.getObjectValue());
				where.append(" = ? ");
				querySql.insert(0, "select * from (");
				querySql.append(") _tt ");
				querySql.append(where);
				paramList.add(dto.getTargetDataAuthObject());
			} else if (StrUtil.equals(dataAuth.getTypeValue(), "departmemt")) {
				// 如果数据权限类型是部门，则直接使用当前登录用户所在的部门ID或者部门名称
				where.append(" where _tt.");
				where.append(dataAuth.getObjectValue());
				where.append(" = ? ");
				querySql.insert(0, "select * from (");
				querySql.append(") _tt ");
				querySql.append(where);
				paramList.add(dto.getTargetDataAuthObject());
			} else if (StrUtil.equals(dataAuth.getTypeValue(), "current_dept_person")) {
				// 如果数据权限类型是当前部门的人员，则直接使用当前登录用户所在的部门的所有人员ID或者名称
				List list = (List)dto.getTargetDataAuthObject();
				if (CollectionUtil.isNotEmpty(list)) {
					where.append(" where _tt.");
					where.append(dataAuth.getObjectValue());
					where.append(" in (");
					int size = list.size();
					for (int i = 0; i < size; i++) {
						if ((i + 1) == size) {
							where.append(" ?");
						} else {
							where.append(" ?,");
						}
						paramList.add(list.get(i));
					}
					where.append(") ");
					
					querySql.insert(0, "select * from (");
					querySql.append(") _tt ");
					querySql.append(where);
				}
			} else if (StrUtil.equals(dataAuth.getTypeValue(), "dept_include_person")) {
				// 如果数据权限类型是部门及子部门人员，则直接使用当前登录用户所在部门以及子部门的所有人员ID或者名称
				List list = (List)dto.getTargetDataAuthObject();
				if (CollectionUtil.isNotEmpty(list)) {
					where.append(" where _tt.");
					where.append(dataAuth.getObjectValue());
					where.append(" in (");
					int size = list.size();
					for (int i = 0; i < size; i++) {
						if ((i + 1) == size) {
							where.append(" ?");
						} else {
							where.append(" ?,");
						}
						paramList.add(list.get(i));
					}
					where.append(") ");
					
					querySql.insert(0, "select * from (");
					querySql.append(") _tt ");
					querySql.append(where);
				}
			}
		}
	}
	
	@SuppressWarnings({ "rawtypes", "unchecked" })
	public static void handleDataAuthSql(BaseFilterDto dto, StringBuffer querySql, List paramList) {
		DataAuth dataAuth = dto.getDataAuth();
		if (dataAuth != null) {
			StringBuffer where = new StringBuffer();
			if (StrUtil.equals(dataAuth.getTypeValue(), "person")) {
				// 如果数据权限类型是人员，则直接使用当前登录用户的ID或者用户名
				where.append(" where _tt.");
				where.append(dataAuth.getObjectValue());
				where.append(" = ? ");
				querySql.insert(0, "select * from (");
				querySql.append(") _tt ");
				querySql.append(where);
				paramList.add(dto.getTargetDataAuthObject());
			} else if (StrUtil.equals(dataAuth.getTypeValue(), "departmemt")) {
				// 如果数据权限类型是部门，则直接使用当前登录用户所在的部门ID或者部门名称
				where.append(" where _tt.");
				where.append(dataAuth.getObjectValue());
				where.append(" = ? ");
				querySql.insert(0, "select * from (");
				querySql.append(") _tt ");
				querySql.append(where);
				paramList.add(dto.getTargetDataAuthObject());
			} else if (StrUtil.equals(dataAuth.getTypeValue(), "current_dept_person")) {
				// 如果数据权限类型是当前部门的人员，则直接使用当前登录用户所在的部门的所有人员ID或者名称
				List list = (List)dto.getTargetDataAuthObject();
				if (CollectionUtil.isNotEmpty(list)) {
					where.append(" where _tt.");
					where.append(dataAuth.getObjectValue());
					where.append(" in (");
					int size = list.size();
					for (int i = 0; i < size; i++) {
						if ((i + 1) == size) {
							where.append(" ?");
						} else {
							where.append(" ?,");
						}
						paramList.add(list.get(i));
					}
					where.append(") ");
					
					querySql.insert(0, "select * from (");
					querySql.append(") _tt ");
					querySql.append(where);
				}
			} else if (StrUtil.equals(dataAuth.getTypeValue(), "dept_include_person")) {
				// 如果数据权限类型是部门及子部门人员，则直接使用当前登录用户所在部门以及子部门的所有人员ID或者名称
				List list = (List)dto.getTargetDataAuthObject();
				if (CollectionUtil.isNotEmpty(list)) {
					where.append(" where _tt.");
					where.append(dataAuth.getObjectValue());
					where.append(" in (");
					int size = list.size();
					for (int i = 0; i < size; i++) {
						if ((i + 1) == size) {
							where.append(" ?");
						} else {
							where.append(" ?,");
						}
						paramList.add(list.get(i));
					}
					where.append(") ");
					
					querySql.insert(0, "select * from (");
					querySql.append(") _tt ");
					querySql.append(where);
				}
			}
		}
	}
	
	/**
	 * 将参数放入query中
	 * @param query 查询对象
	 * @param params 参数列表
	 */
	public static void setQueryParams(Query query, Object[] params){
		for (int i = 0 ; i < params.length ; i ++ ) {
			if (params[i] instanceof String) {
				query.setString(i, (String) params[i]);
			} else if (params[i] instanceof Integer) {
				query.setInteger(i, (Integer) params[i]);
			} else if (params[i] instanceof Double) {
				query.setDouble(i, (Double) params[i]);
			} else if (params[i] instanceof Date) {
				query.setDate(i, (Date) params[i]);
			} else if (params[i] instanceof BigDecimal) {
				query.setBigDecimal(i, (BigDecimal) params[i]);
			}
		}
	}
	
	/**
	 * 将参数放入query中
	 * @param query 查询对象
	 * @param paramList 参数列表
	 */
	@SuppressWarnings("rawtypes")
	public static void setQueryParams(Query query, List paramList){
		setQueryParams(query, paramList.toArray());
	}
	
	private static String getTableName(Field field, String defaultName) {
		String tableName = defaultName;
		if (field.isAnnotationPresent(ColumnType.class)) {
			tableName = field.getAnnotation(ColumnType.class).tableName();
			if (StrUtil.isBlank(tableName)) {
				tableName = defaultName;
			}
		}
		return tableName;
	}
	
	private static Object buildValue(Field field, Object fieldValue) {
		Object retObject = fieldValue;
		String columnType = field.getAnnotation(ColumnType.class).value();
		if ("Double".equalsIgnoreCase(columnType)) {
			try {
				retObject = Double.valueOf(fieldValue.toString());
			} catch (Exception e) {
				retObject = null;
			}
		} else if ("BigDecimal".equalsIgnoreCase(columnType)) {
			try {
				retObject = new BigDecimal(fieldValue.toString());
			} catch (Exception e) {
				retObject = null;
			}
		} else if ("Integer".equalsIgnoreCase(columnType)) {
			try {
				retObject = Integer.valueOf(fieldValue.toString());
			} catch (Exception e) {
				retObject = null;
			}
		} else if ("Date".equalsIgnoreCase(columnType)) {
			retObject = DateUtil.str2Date(fieldValue.toString(), field.getAnnotation(ColumnType.class).pattern());
		}
		return retObject;
	}
}
